Bitcoin mined from computers via toolbar without users’ knowledge

Bitcoin miners are good folk, by and large. That's why it's always disheartening when we hear about a case of Bitcoin thieving and scheming. An investigation by Malwarebytes last week found that a company named Mutual Public a.k.a. We Build Toolbars a.k.a. Your Free Proxy has been installing Bitcoin mining software on unwitting users' computers through unrelated downloadable toolbars and a proxy service (and possibly other products.) The software operates in the background, bogging down the computer's CPU and mining Bitcoin for the sole profit of Mutual Public. It legitimizes the practice by explaining its activities in the nobody-ever-reads-them EULA for the installed toolbars. And the software is difficult to permanently delete.

Now that's juicy. It's an apparently legal way to hijack users' systems and slow their CPUs by as much as 50% or more depending on the system, according to the Malwarebytes report. With the ever-climbing value of Bitcoin now hovering around $1,000 USD, a scheme like Mutual Public's could net the company a small fortune. This is in marked contrast to the aboveboard Bitcoin mining farms that have cropped up around the world, which are perfectly legitimate. They use their own computers instead of making some innocent downloader do all the heavy computing for them.

Bitcoin mining exists for a very good reason: security. It's a reward system for people who devote their computers' processing power to help solve the complex mathematical problems that encrypt and confirm Bitcoin transactions. Collectively, Bitcoin miners help keep the system going. When a miner solves a "block" of a problem, they get Bitcoin. The catch is that it eats up a lot of CPU, which is why many people build mining farms for the purpose.

Using and debilitating someone else's computer without their informed consent -- and then keeping all the profits -- is clearly unethical. Yes, the EULA (end user license agreement) for Mutual Public's malware-ridden digital products "informs" users of the program, as seen in this eye-popping section:

COMPUTER CALCULATIONS, SECURITY: as part of downloading a Mutual Public, your computer may do mathematical calculations for our affiliated networks to confirm transactions and increase security. Any rewards or fees collected by WBT or our affiliates are the sole property of WBT and our affiliates.

But that doesn't quite strike us as a full representation of the facts. The massive, undisclosed tug on the victim's CPU, coupled with the culprit .exe file's pesky tendency to reinstall itself after manual removal, goes well beyond the tiny EULA mention.